Conservancy/symposion_app
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Bind in djangosaml2

Browse source 
Our authn is provided via shibboleth
This commit is contained in:
Sachi King 2017-03-26 15:37:30 +11:00
parent c37ed61036
commit 37a9b37499
6 changed files with 820 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

326
pinaxcon/saml2/attribute-maps/basic.py Normal file
View file

@ -0,0 +1,326 @@
MAP = {
"identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic",
"fro": {
'urn:mace:dir:attribute-def:aRecord': 'aRecord',
'urn:mace:dir:attribute-def:aliasedEntryName': 'aliasedEntryName',
'urn:mace:dir:attribute-def:aliasedObjectName': 'aliasedObjectName',
'urn:mace:dir:attribute-def:associatedDomain': 'associatedDomain',
'urn:mace:dir:attribute-def:associatedName': 'associatedName',
'urn:mace:dir:attribute-def:audio': 'audio',
'urn:mace:dir:attribute-def:authorityRevocationList': 'authorityRevocationList',
'urn:mace:dir:attribute-def:buildingName': 'buildingName',
'urn:mace:dir:attribute-def:businessCategory': 'businessCategory',
'urn:mace:dir:attribute-def:c': 'c',
'urn:mace:dir:attribute-def:cACertificate': 'cACertificate',
'urn:mace:dir:attribute-def:cNAMERecord': 'cNAMERecord',
'urn:mace:dir:attribute-def:carLicense': 'carLicense',
'urn:mace:dir:attribute-def:certificateRevocationList': 'certificateRevocationList',
'urn:mace:dir:attribute-def:cn': 'cn',
'urn:mace:dir:attribute-def:co': 'co',
'urn:mace:dir:attribute-def:commonName': 'commonName',
'urn:mace:dir:attribute-def:countryName': 'countryName',
'urn:mace:dir:attribute-def:crossCertificatePair': 'crossCertificatePair',
'urn:mace:dir:attribute-def:dITRedirect': 'dITRedirect',
'urn:mace:dir:attribute-def:dSAQuality': 'dSAQuality',
'urn:mace:dir:attribute-def:dc': 'dc',
'urn:mace:dir:attribute-def:deltaRevocationList': 'deltaRevocationList',
'urn:mace:dir:attribute-def:departmentNumber': 'departmentNumber',
'urn:mace:dir:attribute-def:description': 'description',
'urn:mace:dir:attribute-def:destinationIndicator': 'destinationIndicator',
'urn:mace:dir:attribute-def:displayName': 'displayName',
'urn:mace:dir:attribute-def:distinguishedName': 'distinguishedName',
'urn:mace:dir:attribute-def:dmdName': 'dmdName',
'urn:mace:dir:attribute-def:dnQualifier': 'dnQualifier',
'urn:mace:dir:attribute-def:documentAuthor': 'documentAuthor',
'urn:mace:dir:attribute-def:documentIdentifier': 'documentIdentifier',
'urn:mace:dir:attribute-def:documentLocation': 'documentLocation',
'urn:mace:dir:attribute-def:documentPublisher': 'documentPublisher',
'urn:mace:dir:attribute-def:documentTitle': 'documentTitle',
'urn:mace:dir:attribute-def:documentVersion': 'documentVersion',
'urn:mace:dir:attribute-def:domainComponent': 'domainComponent',
'urn:mace:dir:attribute-def:drink': 'drink',
'urn:mace:dir:attribute-def:eduOrgHomePageURI': 'eduOrgHomePageURI',
'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI': 'eduOrgIdentityAuthNPolicyURI',
'urn:mace:dir:attribute-def:eduOrgLegalName': 'eduOrgLegalName',
'urn:mace:dir:attribute-def:eduOrgSuperiorURI': 'eduOrgSuperiorURI',
'urn:mace:dir:attribute-def:eduOrgWhitePagesURI': 'eduOrgWhitePagesURI',
'urn:mace:dir:attribute-def:eduPersonAffiliation': 'eduPersonAffiliation',
'urn:mace:dir:attribute-def:eduPersonEntitlement': 'eduPersonEntitlement',
'urn:mace:dir:attribute-def:eduPersonNickname': 'eduPersonNickname',
'urn:mace:dir:attribute-def:eduPersonOrgDN': 'eduPersonOrgDN',
'urn:mace:dir:attribute-def:eduPersonOrgUnitDN': 'eduPersonOrgUnitDN',
'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation': 'eduPersonPrimaryAffiliation',
'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN': 'eduPersonPrimaryOrgUnitDN',
'urn:mace:dir:attribute-def:eduPersonPrincipalName': 'eduPersonPrincipalName',
'urn:mace:dir:attribute-def:eduPersonScopedAffiliation': 'eduPersonScopedAffiliation',
'urn:mace:dir:attribute-def:eduPersonTargetedID': 'eduPersonTargetedID',
'urn:mace:dir:attribute-def:email': 'email',
'urn:mace:dir:attribute-def:emailAddress': 'emailAddress',
'urn:mace:dir:attribute-def:employeeNumber': 'employeeNumber',
'urn:mace:dir:attribute-def:employeeType': 'employeeType',
'urn:mace:dir:attribute-def:enhancedSearchGuide': 'enhancedSearchGuide',
'urn:mace:dir:attribute-def:facsimileTelephoneNumber': 'facsimileTelephoneNumber',
'urn:mace:dir:attribute-def:favouriteDrink': 'favouriteDrink',
'urn:mace:dir:attribute-def:fax': 'fax',
'urn:mace:dir:attribute-def:federationFeideSchemaVersion': 'federationFeideSchemaVersion',
'urn:mace:dir:attribute-def:friendlyCountryName': 'friendlyCountryName',
'urn:mace:dir:attribute-def:generationQualifier': 'generationQualifier',
'urn:mace:dir:attribute-def:givenName': 'givenName',
'urn:mace:dir:attribute-def:gn': 'gn',
'urn:mace:dir:attribute-def:homePhone': 'homePhone',
'urn:mace:dir:attribute-def:homePostalAddress': 'homePostalAddress',
'urn:mace:dir:attribute-def:homeTelephoneNumber': 'homeTelephoneNumber',
'urn:mace:dir:attribute-def:host': 'host',
'urn:mace:dir:attribute-def:houseIdentifier': 'houseIdentifier',
'urn:mace:dir:attribute-def:info': 'info',
'urn:mace:dir:attribute-def:initials': 'initials',
'urn:mace:dir:attribute-def:internationaliSDNNumber': 'internationaliSDNNumber',
'urn:mace:dir:attribute-def:janetMailbox': 'janetMailbox',
'urn:mace:dir:attribute-def:jpegPhoto': 'jpegPhoto',
'urn:mace:dir:attribute-def:knowledgeInformation': 'knowledgeInformation',
'urn:mace:dir:attribute-def:l': 'l',
'urn:mace:dir:attribute-def:labeledURI': 'labeledURI',
'urn:mace:dir:attribute-def:localityName': 'localityName',
'urn:mace:dir:attribute-def:mDRecord': 'mDRecord',
'urn:mace:dir:attribute-def:mXRecord': 'mXRecord',
'urn:mace:dir:attribute-def:mail': 'mail',
'urn:mace:dir:attribute-def:mailPreferenceOption': 'mailPreferenceOption',
'urn:mace:dir:attribute-def:manager': 'manager',
'urn:mace:dir:attribute-def:member': 'member',
'urn:mace:dir:attribute-def:mobile': 'mobile',
'urn:mace:dir:attribute-def:mobileTelephoneNumber': 'mobileTelephoneNumber',
'urn:mace:dir:attribute-def:nSRecord': 'nSRecord',
'urn:mace:dir:attribute-def:name': 'name',
'urn:mace:dir:attribute-def:norEduOrgAcronym': 'norEduOrgAcronym',
'urn:mace:dir:attribute-def:norEduOrgNIN': 'norEduOrgNIN',
'urn:mace:dir:attribute-def:norEduOrgSchemaVersion': 'norEduOrgSchemaVersion',
'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier': 'norEduOrgUniqueIdentifier',
'urn:mace:dir:attribute-def:norEduOrgUniqueNumber': 'norEduOrgUniqueNumber',
'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier': 'norEduOrgUnitUniqueIdentifier',
'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber': 'norEduOrgUnitUniqueNumber',
'urn:mace:dir:attribute-def:norEduPersonBirthDate': 'norEduPersonBirthDate',
'urn:mace:dir:attribute-def:norEduPersonLIN': 'norEduPersonLIN',
'urn:mace:dir:attribute-def:norEduPersonNIN': 'norEduPersonNIN',
'urn:mace:dir:attribute-def:o': 'o',
'urn:mace:dir:attribute-def:objectClass': 'objectClass',
'urn:mace:dir:attribute-def:organizationName': 'organizationName',
'urn:mace:dir:attribute-def:organizationalStatus': 'organizationalStatus',
'urn:mace:dir:attribute-def:organizationalUnitName': 'organizationalUnitName',
'urn:mace:dir:attribute-def:otherMailbox': 'otherMailbox',
'urn:mace:dir:attribute-def:ou': 'ou',
'urn:mace:dir:attribute-def:owner': 'owner',
'urn:mace:dir:attribute-def:pager': 'pager',
'urn:mace:dir:attribute-def:pagerTelephoneNumber': 'pagerTelephoneNumber',
'urn:mace:dir:attribute-def:personalSignature': 'personalSignature',
'urn:mace:dir:attribute-def:personalTitle': 'personalTitle',
'urn:mace:dir:attribute-def:photo': 'photo',
'urn:mace:dir:attribute-def:physicalDeliveryOfficeName': 'physicalDeliveryOfficeName',
'urn:mace:dir:attribute-def:pkcs9email': 'pkcs9email',
'urn:mace:dir:attribute-def:postOfficeBox': 'postOfficeBox',
'urn:mace:dir:attribute-def:postalAddress': 'postalAddress',
'urn:mace:dir:attribute-def:postalCode': 'postalCode',
'urn:mace:dir:attribute-def:preferredDeliveryMethod': 'preferredDeliveryMethod',
'urn:mace:dir:attribute-def:preferredLanguage': 'preferredLanguage',
'urn:mace:dir:attribute-def:presentationAddress': 'presentationAddress',
'urn:mace:dir:attribute-def:protocolInformation': 'protocolInformation',
'urn:mace:dir:attribute-def:pseudonym': 'pseudonym',
'urn:mace:dir:attribute-def:registeredAddress': 'registeredAddress',
'urn:mace:dir:attribute-def:rfc822Mailbox': 'rfc822Mailbox',
'urn:mace:dir:attribute-def:roleOccupant': 'roleOccupant',
'urn:mace:dir:attribute-def:roomNumber': 'roomNumber',
'urn:mace:dir:attribute-def:sOARecord': 'sOARecord',
'urn:mace:dir:attribute-def:searchGuide': 'searchGuide',
'urn:mace:dir:attribute-def:secretary': 'secretary',
'urn:mace:dir:attribute-def:seeAlso': 'seeAlso',
'urn:mace:dir:attribute-def:serialNumber': 'serialNumber',
'urn:mace:dir:attribute-def:singleLevelQuality': 'singleLevelQuality',
'urn:mace:dir:attribute-def:sn': 'sn',
'urn:mace:dir:attribute-def:st': 'st',
'urn:mace:dir:attribute-def:stateOrProvinceName': 'stateOrProvinceName',
'urn:mace:dir:attribute-def:street': 'street',
'urn:mace:dir:attribute-def:streetAddress': 'streetAddress',
'urn:mace:dir:attribute-def:subtreeMaximumQuality': 'subtreeMaximumQuality',
'urn:mace:dir:attribute-def:subtreeMinimumQuality': 'subtreeMinimumQuality',
'urn:mace:dir:attribute-def:supportedAlgorithms': 'supportedAlgorithms',
'urn:mace:dir:attribute-def:supportedApplicationContext': 'supportedApplicationContext',
'urn:mace:dir:attribute-def:surname': 'surname',
'urn:mace:dir:attribute-def:telephoneNumber': 'telephoneNumber',
'urn:mace:dir:attribute-def:teletexTerminalIdentifier': 'teletexTerminalIdentifier',
'urn:mace:dir:attribute-def:telexNumber': 'telexNumber',
'urn:mace:dir:attribute-def:textEncodedORAddress': 'textEncodedORAddress',
'urn:mace:dir:attribute-def:title': 'title',
'urn:mace:dir:attribute-def:uid': 'uid',
'urn:mace:dir:attribute-def:uniqueIdentifier': 'uniqueIdentifier',
'urn:mace:dir:attribute-def:uniqueMember': 'uniqueMember',
'urn:mace:dir:attribute-def:userCertificate': 'userCertificate',
'urn:mace:dir:attribute-def:userClass': 'userClass',
'urn:mace:dir:attribute-def:userPKCS12': 'userPKCS12',
'urn:mace:dir:attribute-def:userPassword': 'userPassword',
'urn:mace:dir:attribute-def:userSMIMECertificate': 'userSMIMECertificate',
'urn:mace:dir:attribute-def:userid': 'userid',
'urn:mace:dir:attribute-def:x121Address': 'x121Address',
'urn:mace:dir:attribute-def:x500UniqueIdentifier': 'x500UniqueIdentifier',
},
"to": {
'aRecord': 'urn:mace:dir:attribute-def:aRecord',
'aliasedEntryName': 'urn:mace:dir:attribute-def:aliasedEntryName',
'aliasedObjectName': 'urn:mace:dir:attribute-def:aliasedObjectName',
'associatedDomain': 'urn:mace:dir:attribute-def:associatedDomain',
'associatedName': 'urn:mace:dir:attribute-def:associatedName',
'audio': 'urn:mace:dir:attribute-def:audio',
'authorityRevocationList': 'urn:mace:dir:attribute-def:authorityRevocationList',
'buildingName': 'urn:mace:dir:attribute-def:buildingName',
'businessCategory': 'urn:mace:dir:attribute-def:businessCategory',
'c': 'urn:mace:dir:attribute-def:c',
'cACertificate': 'urn:mace:dir:attribute-def:cACertificate',
'cNAMERecord': 'urn:mace:dir:attribute-def:cNAMERecord',
'carLicense': 'urn:mace:dir:attribute-def:carLicense',
'certificateRevocationList': 'urn:mace:dir:attribute-def:certificateRevocationList',
'cn': 'urn:mace:dir:attribute-def:cn',
'co': 'urn:mace:dir:attribute-def:co',
'commonName': 'urn:mace:dir:attribute-def:commonName',
'countryName': 'urn:mace:dir:attribute-def:countryName',
'crossCertificatePair': 'urn:mace:dir:attribute-def:crossCertificatePair',
'dITRedirect': 'urn:mace:dir:attribute-def:dITRedirect',
'dSAQuality': 'urn:mace:dir:attribute-def:dSAQuality',
'dc': 'urn:mace:dir:attribute-def:dc',
'deltaRevocationList': 'urn:mace:dir:attribute-def:deltaRevocationList',
'departmentNumber': 'urn:mace:dir:attribute-def:departmentNumber',
'description': 'urn:mace:dir:attribute-def:description',
'destinationIndicator': 'urn:mace:dir:attribute-def:destinationIndicator',
'displayName': 'urn:mace:dir:attribute-def:displayName',
'distinguishedName': 'urn:mace:dir:attribute-def:distinguishedName',
'dmdName': 'urn:mace:dir:attribute-def:dmdName',
'dnQualifier': 'urn:mace:dir:attribute-def:dnQualifier',
'documentAuthor': 'urn:mace:dir:attribute-def:documentAuthor',
'documentIdentifier': 'urn:mace:dir:attribute-def:documentIdentifier',
'documentLocation': 'urn:mace:dir:attribute-def:documentLocation',
'documentPublisher': 'urn:mace:dir:attribute-def:documentPublisher',
'documentTitle': 'urn:mace:dir:attribute-def:documentTitle',
'documentVersion': 'urn:mace:dir:attribute-def:documentVersion',
'domainComponent': 'urn:mace:dir:attribute-def:domainComponent',
'drink': 'urn:mace:dir:attribute-def:drink',
'eduOrgHomePageURI': 'urn:mace:dir:attribute-def:eduOrgHomePageURI',
'eduOrgIdentityAuthNPolicyURI': 'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI',
'eduOrgLegalName': 'urn:mace:dir:attribute-def:eduOrgLegalName',
'eduOrgSuperiorURI': 'urn:mace:dir:attribute-def:eduOrgSuperiorURI',
'eduOrgWhitePagesURI': 'urn:mace:dir:attribute-def:eduOrgWhitePagesURI',
'eduPersonAffiliation': 'urn:mace:dir:attribute-def:eduPersonAffiliation',
'eduPersonEntitlement': 'urn:mace:dir:attribute-def:eduPersonEntitlement',
'eduPersonNickname': 'urn:mace:dir:attribute-def:eduPersonNickname',
'eduPersonOrgDN': 'urn:mace:dir:attribute-def:eduPersonOrgDN',
'eduPersonOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN',
'eduPersonPrimaryAffiliation': 'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation',
'eduPersonPrimaryOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN',
'eduPersonPrincipalName': 'urn:mace:dir:attribute-def:eduPersonPrincipalName',
'eduPersonScopedAffiliation': 'urn:mace:dir:attribute-def:eduPersonScopedAffiliation',
'eduPersonTargetedID': 'urn:mace:dir:attribute-def:eduPersonTargetedID',
'email': 'urn:mace:dir:attribute-def:email',
'emailAddress': 'urn:mace:dir:attribute-def:emailAddress',
'employeeNumber': 'urn:mace:dir:attribute-def:employeeNumber',
'employeeType': 'urn:mace:dir:attribute-def:employeeType',
'enhancedSearchGuide': 'urn:mace:dir:attribute-def:enhancedSearchGuide',
'facsimileTelephoneNumber': 'urn:mace:dir:attribute-def:facsimileTelephoneNumber',
'favouriteDrink': 'urn:mace:dir:attribute-def:favouriteDrink',
'fax': 'urn:mace:dir:attribute-def:fax',
'federationFeideSchemaVersion': 'urn:mace:dir:attribute-def:federationFeideSchemaVersion',
'friendlyCountryName': 'urn:mace:dir:attribute-def:friendlyCountryName',
'generationQualifier': 'urn:mace:dir:attribute-def:generationQualifier',
'givenName': 'urn:mace:dir:attribute-def:givenName',
'gn': 'urn:mace:dir:attribute-def:gn',
'homePhone': 'urn:mace:dir:attribute-def:homePhone',
'homePostalAddress': 'urn:mace:dir:attribute-def:homePostalAddress',
'homeTelephoneNumber': 'urn:mace:dir:attribute-def:homeTelephoneNumber',
'host': 'urn:mace:dir:attribute-def:host',
'houseIdentifier': 'urn:mace:dir:attribute-def:houseIdentifier',
'info': 'urn:mace:dir:attribute-def:info',
'initials': 'urn:mace:dir:attribute-def:initials',
'internationaliSDNNumber': 'urn:mace:dir:attribute-def:internationaliSDNNumber',
'janetMailbox': 'urn:mace:dir:attribute-def:janetMailbox',
'jpegPhoto': 'urn:mace:dir:attribute-def:jpegPhoto',
'knowledgeInformation': 'urn:mace:dir:attribute-def:knowledgeInformation',
'l': 'urn:mace:dir:attribute-def:l',
'labeledURI': 'urn:mace:dir:attribute-def:labeledURI',
'localityName': 'urn:mace:dir:attribute-def:localityName',
'mDRecord': 'urn:mace:dir:attribute-def:mDRecord',
'mXRecord': 'urn:mace:dir:attribute-def:mXRecord',
'mail': 'urn:mace:dir:attribute-def:mail',
'mailPreferenceOption': 'urn:mace:dir:attribute-def:mailPreferenceOption',
'manager': 'urn:mace:dir:attribute-def:manager',
'member': 'urn:mace:dir:attribute-def:member',
'mobile': 'urn:mace:dir:attribute-def:mobile',
'mobileTelephoneNumber': 'urn:mace:dir:attribute-def:mobileTelephoneNumber',
'nSRecord': 'urn:mace:dir:attribute-def:nSRecord',
'name': 'urn:mace:dir:attribute-def:name',
'norEduOrgAcronym': 'urn:mace:dir:attribute-def:norEduOrgAcronym',
'norEduOrgNIN': 'urn:mace:dir:attribute-def:norEduOrgNIN',
'norEduOrgSchemaVersion': 'urn:mace:dir:attribute-def:norEduOrgSchemaVersion',
'norEduOrgUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier',
'norEduOrgUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUniqueNumber',
'norEduOrgUnitUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier',
'norEduOrgUnitUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber',
'norEduPersonBirthDate': 'urn:mace:dir:attribute-def:norEduPersonBirthDate',
'norEduPersonLIN': 'urn:mace:dir:attribute-def:norEduPersonLIN',
'norEduPersonNIN': 'urn:mace:dir:attribute-def:norEduPersonNIN',
'o': 'urn:mace:dir:attribute-def:o',
'objectClass': 'urn:mace:dir:attribute-def:objectClass',
'organizationName': 'urn:mace:dir:attribute-def:organizationName',
'organizationalStatus': 'urn:mace:dir:attribute-def:organizationalStatus',
'organizationalUnitName': 'urn:mace:dir:attribute-def:organizationalUnitName',
'otherMailbox': 'urn:mace:dir:attribute-def:otherMailbox',
'ou': 'urn:mace:dir:attribute-def:ou',
'owner': 'urn:mace:dir:attribute-def:owner',
'pager': 'urn:mace:dir:attribute-def:pager',
'pagerTelephoneNumber': 'urn:mace:dir:attribute-def:pagerTelephoneNumber',
'personalSignature': 'urn:mace:dir:attribute-def:personalSignature',
'personalTitle': 'urn:mace:dir:attribute-def:personalTitle',
'photo': 'urn:mace:dir:attribute-def:photo',
'physicalDeliveryOfficeName': 'urn:mace:dir:attribute-def:physicalDeliveryOfficeName',
'pkcs9email': 'urn:mace:dir:attribute-def:pkcs9email',
'postOfficeBox': 'urn:mace:dir:attribute-def:postOfficeBox',
'postalAddress': 'urn:mace:dir:attribute-def:postalAddress',
'postalCode': 'urn:mace:dir:attribute-def:postalCode',
'preferredDeliveryMethod': 'urn:mace:dir:attribute-def:preferredDeliveryMethod',
'preferredLanguage': 'urn:mace:dir:attribute-def:preferredLanguage',
'presentationAddress': 'urn:mace:dir:attribute-def:presentationAddress',
'protocolInformation': 'urn:mace:dir:attribute-def:protocolInformation',
'pseudonym': 'urn:mace:dir:attribute-def:pseudonym',
'registeredAddress': 'urn:mace:dir:attribute-def:registeredAddress',
'rfc822Mailbox': 'urn:mace:dir:attribute-def:rfc822Mailbox',
'roleOccupant': 'urn:mace:dir:attribute-def:roleOccupant',
'roomNumber': 'urn:mace:dir:attribute-def:roomNumber',
'sOARecord': 'urn:mace:dir:attribute-def:sOARecord',
'searchGuide': 'urn:mace:dir:attribute-def:searchGuide',
'secretary': 'urn:mace:dir:attribute-def:secretary',
'seeAlso': 'urn:mace:dir:attribute-def:seeAlso',
'serialNumber': 'urn:mace:dir:attribute-def:serialNumber',
'singleLevelQuality': 'urn:mace:dir:attribute-def:singleLevelQuality',
'sn': 'urn:mace:dir:attribute-def:sn',
'st': 'urn:mace:dir:attribute-def:st',
'stateOrProvinceName': 'urn:mace:dir:attribute-def:stateOrProvinceName',
'street': 'urn:mace:dir:attribute-def:street',
'streetAddress': 'urn:mace:dir:attribute-def:streetAddress',
'subtreeMaximumQuality': 'urn:mace:dir:attribute-def:subtreeMaximumQuality',
'subtreeMinimumQuality': 'urn:mace:dir:attribute-def:subtreeMinimumQuality',
'supportedAlgorithms': 'urn:mace:dir:attribute-def:supportedAlgorithms',
'supportedApplicationContext': 'urn:mace:dir:attribute-def:supportedApplicationContext',
'surname': 'urn:mace:dir:attribute-def:surname',
'telephoneNumber': 'urn:mace:dir:attribute-def:telephoneNumber',
'teletexTerminalIdentifier': 'urn:mace:dir:attribute-def:teletexTerminalIdentifier',
'telexNumber': 'urn:mace:dir:attribute-def:telexNumber',
'textEncodedORAddress': 'urn:mace:dir:attribute-def:textEncodedORAddress',
'title': 'urn:mace:dir:attribute-def:title',
'uid': 'urn:mace:dir:attribute-def:uid',
'uniqueIdentifier': 'urn:mace:dir:attribute-def:uniqueIdentifier',
'uniqueMember': 'urn:mace:dir:attribute-def:uniqueMember',
'userCertificate': 'urn:mace:dir:attribute-def:userCertificate',
'userClass': 'urn:mace:dir:attribute-def:userClass',
'userPKCS12': 'urn:mace:dir:attribute-def:userPKCS12',
'userPassword': 'urn:mace:dir:attribute-def:userPassword',
'userSMIMECertificate': 'urn:mace:dir:attribute-def:userSMIMECertificate',
'userid': 'urn:mace:dir:attribute-def:userid',
'x121Address': 'urn:mace:dir:attribute-def:x121Address',
'x500UniqueIdentifier': 'urn:mace:dir:attribute-def:x500UniqueIdentifier',
}
}

241
pinaxcon/saml2/attribute-maps/saml_uri.py Normal file
View file

@ -0,0 +1,241 @@
__author__ = 'rolandh'
EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1."
X500ATTR_OID = "urn:oid:2.5.4."
NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1."
NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1."
UCL_DIR_PILOT = 'urn:oid:0.9.2342.19200300.100.1.'
PKCS_9 = "urn:oid:1.2.840.113549.1.9.1."
UMICH = "urn:oid:1.3.6.1.4.1.250.1.57."
SCHAC = "urn:oid:1.3.6.1.4.1.25178.2."
MAP = {
"identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
"fro": {
EDUPERSON_OID+'2': 'eduPersonNickname',
EDUPERSON_OID+'9': 'eduPersonScopedAffiliation',
EDUPERSON_OID+'11': 'eduPersonAssurance',
EDUPERSON_OID+'10': 'eduPersonTargetedID',
EDUPERSON_OID+'4': 'eduPersonOrgUnitDN',
NOREDUPERSON_OID+'6': 'norEduOrgAcronym',
NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier',
NOREDUPERSON_OID+'4': 'norEduPersonLIN',
EDUPERSON_OID+'1': 'eduPersonAffiliation',
NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber',
NETSCAPE_LDAP+'40': 'userSMIMECertificate',
NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber',
NETSCAPE_LDAP+'241': 'displayName',
UCL_DIR_PILOT+'37': 'associatedDomain',
EDUPERSON_OID+'6': 'eduPersonPrincipalName',
NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier',
NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion',
X500ATTR_OID+'53': 'deltaRevocationList',
X500ATTR_OID+'52': 'supportedAlgorithms',
X500ATTR_OID+'51': 'houseIdentifier',
X500ATTR_OID+'50': 'uniqueMember',
X500ATTR_OID+'19': 'physicalDeliveryOfficeName',
X500ATTR_OID+'18': 'postOfficeBox',
X500ATTR_OID+'17': 'postalCode',
X500ATTR_OID+'16': 'postalAddress',
X500ATTR_OID+'15': 'businessCategory',
X500ATTR_OID+'14': 'searchGuide',
EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation',
X500ATTR_OID+'12': 'title',
X500ATTR_OID+'11': 'ou',
X500ATTR_OID+'10': 'o',
X500ATTR_OID+'37': 'cACertificate',
X500ATTR_OID+'36': 'userCertificate',
X500ATTR_OID+'31': 'member',
X500ATTR_OID+'30': 'supportedApplicationContext',
X500ATTR_OID+'33': 'roleOccupant',
X500ATTR_OID+'32': 'owner',
NETSCAPE_LDAP+'1': 'carLicense',
PKCS_9+'1': 'email',
NETSCAPE_LDAP+'3': 'employeeNumber',
NETSCAPE_LDAP+'2': 'departmentNumber',
X500ATTR_OID+'39': 'certificateRevocationList',
X500ATTR_OID+'38': 'authorityRevocationList',
NETSCAPE_LDAP+'216': 'userPKCS12',
EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN',
X500ATTR_OID+'9': 'street',
X500ATTR_OID+'8': 'st',
NETSCAPE_LDAP+'39': 'preferredLanguage',
EDUPERSON_OID+'7': 'eduPersonEntitlement',
X500ATTR_OID+'2': 'knowledgeInformation',
X500ATTR_OID+'7': 'l',
X500ATTR_OID+'6': 'c',
X500ATTR_OID+'5': 'serialNumber',
X500ATTR_OID+'4': 'sn',
UCL_DIR_PILOT+'60': 'jpegPhoto',
X500ATTR_OID+'65': 'pseudonym',
NOREDUPERSON_OID+'5': 'norEduPersonNIN',
UCL_DIR_PILOT+'3': 'mail',
UCL_DIR_PILOT+'25': 'dc',
X500ATTR_OID+'40': 'crossCertificatePair',
X500ATTR_OID+'42': 'givenName',
X500ATTR_OID+'43': 'initials',
X500ATTR_OID+'44': 'generationQualifier',
X500ATTR_OID+'45': 'x500UniqueIdentifier',
X500ATTR_OID+'46': 'dnQualifier',
X500ATTR_OID+'47': 'enhancedSearchGuide',
X500ATTR_OID+'48': 'protocolInformation',
X500ATTR_OID+'54': 'dmdName',
NETSCAPE_LDAP+'4': 'employeeType',
X500ATTR_OID+'22': 'teletexTerminalIdentifier',
X500ATTR_OID+'23': 'facsimileTelephoneNumber',
X500ATTR_OID+'20': 'telephoneNumber',
X500ATTR_OID+'21': 'telexNumber',
X500ATTR_OID+'26': 'registeredAddress',
X500ATTR_OID+'27': 'destinationIndicator',
X500ATTR_OID+'24': 'x121Address',
X500ATTR_OID+'25': 'internationaliSDNNumber',
X500ATTR_OID+'28': 'preferredDeliveryMethod',
X500ATTR_OID+'29': 'presentationAddress',
EDUPERSON_OID+'3': 'eduPersonOrgDN',
NOREDUPERSON_OID+'3': 'norEduPersonBirthDate',
UMICH+'57': 'labeledURI',
UCL_DIR_PILOT+'1': 'uid',
SCHAC+'1': 'schacMotherTongue',
SCHAC+'2': 'schacGender',
SCHAC+'3': 'schacDateOfBirth',
SCHAC+'4': 'schacPlaceOfBirth',
SCHAC+'5': 'schacCountryOfCitizenship',
SCHAC+'6': 'schacSn1',
SCHAC+'7': 'schacSn2',
SCHAC+'8': 'schacPersonalTitle',
SCHAC+'9': 'schacHomeOrganization',
SCHAC+'10': 'schacHomeOrganizationType',
SCHAC+'11': 'schacCountryOfResidence',
SCHAC+'12': 'schacUserPresenceID',
SCHAC+'13': 'schacPersonalPosition',
SCHAC+'14': 'schacPersonalUniqueCode',
SCHAC+'15': 'schacPersonalUniqueID',
SCHAC+'17': 'schacExpiryDate',
SCHAC+'18': 'schacUserPrivateAttribute',
SCHAC+'19': 'schacUserStatus',
SCHAC+'20': 'schacProjectMembership',
SCHAC+'21': 'schacProjectSpecificRole',
},
"to": {
'roleOccupant': X500ATTR_OID+'33',
'gn': X500ATTR_OID+'42',
'norEduPersonNIN': NOREDUPERSON_OID+'5',
'title': X500ATTR_OID+'12',
'facsimileTelephoneNumber': X500ATTR_OID+'23',
'mail': UCL_DIR_PILOT+'3',
'postOfficeBox': X500ATTR_OID+'18',
'fax': X500ATTR_OID+'23',
'telephoneNumber': X500ATTR_OID+'20',
'norEduPersonBirthDate': NOREDUPERSON_OID+'3',
'rfc822Mailbox': UCL_DIR_PILOT+'3',
'dc': UCL_DIR_PILOT+'25',
'countryName': X500ATTR_OID+'6',
'emailAddress': PKCS_9+'1',
'employeeNumber': NETSCAPE_LDAP+'3',
'organizationName': X500ATTR_OID+'10',
'eduPersonAssurance': EDUPERSON_OID+'11',
'norEduOrgAcronym': NOREDUPERSON_OID+'6',
'registeredAddress': X500ATTR_OID+'26',
'physicalDeliveryOfficeName': X500ATTR_OID+'19',
'associatedDomain': UCL_DIR_PILOT+'37',
'l': X500ATTR_OID+'7',
'stateOrProvinceName': X500ATTR_OID+'8',
'federationFeideSchemaVersion': NOREDUPERSON_OID+'9',
'pkcs9email': PKCS_9+'1',
'givenName': X500ATTR_OID+'42',
'givenname': X500ATTR_OID+'42',
'x500UniqueIdentifier': X500ATTR_OID+'45',
'eduPersonNickname': EDUPERSON_OID+'2',
'houseIdentifier': X500ATTR_OID+'51',
'street': X500ATTR_OID+'9',
'supportedAlgorithms': X500ATTR_OID+'52',
'preferredLanguage': NETSCAPE_LDAP+'39',
'postalAddress': X500ATTR_OID+'16',
'email': PKCS_9+'1',
'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8',
'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8',
'c': X500ATTR_OID+'6',
'teletexTerminalIdentifier': X500ATTR_OID+'22',
'o': X500ATTR_OID+'10',
'cACertificate': X500ATTR_OID+'37',
'telexNumber': X500ATTR_OID+'21',
'ou': X500ATTR_OID+'11',
'initials': X500ATTR_OID+'43',
'eduPersonOrgUnitDN': EDUPERSON_OID+'4',
'deltaRevocationList': X500ATTR_OID+'53',
'norEduPersonLIN': NOREDUPERSON_OID+'4',
'supportedApplicationContext': X500ATTR_OID+'30',
'eduPersonEntitlement': EDUPERSON_OID+'7',
'generationQualifier': X500ATTR_OID+'44',
'eduPersonAffiliation': EDUPERSON_OID+'1',
'edupersonaffiliation': EDUPERSON_OID+'1',
'eduPersonPrincipalName': EDUPERSON_OID+'6',
'edupersonprincipalname': EDUPERSON_OID+'6',
'localityName': X500ATTR_OID+'7',
'owner': X500ATTR_OID+'32',
'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2',
'searchGuide': X500ATTR_OID+'14',
'certificateRevocationList': X500ATTR_OID+'39',
'organizationalUnitName': X500ATTR_OID+'11',
'userCertificate': X500ATTR_OID+'36',
'preferredDeliveryMethod': X500ATTR_OID+'28',
'internationaliSDNNumber': X500ATTR_OID+'25',
'uniqueMember': X500ATTR_OID+'50',
'departmentNumber': NETSCAPE_LDAP+'2',
'enhancedSearchGuide': X500ATTR_OID+'47',
'userPKCS12': NETSCAPE_LDAP+'216',
'eduPersonTargetedID': EDUPERSON_OID+'10',
'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1',
'x121Address': X500ATTR_OID+'24',
'destinationIndicator': X500ATTR_OID+'27',
'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5',
'surname': X500ATTR_OID+'4',
'jpegPhoto': UCL_DIR_PILOT+'60',
'eduPersonScopedAffiliation': EDUPERSON_OID+'9',
'edupersonscopedaffiliation': EDUPERSON_OID+'9',
'protocolInformation': X500ATTR_OID+'48',
'knowledgeInformation': X500ATTR_OID+'2',
'employeeType': NETSCAPE_LDAP+'4',
'userSMIMECertificate': NETSCAPE_LDAP+'40',
'member': X500ATTR_OID+'31',
'streetAddress': X500ATTR_OID+'9',
'dmdName': X500ATTR_OID+'54',
'postalCode': X500ATTR_OID+'17',
'pseudonym': X500ATTR_OID+'65',
'dnQualifier': X500ATTR_OID+'46',
'crossCertificatePair': X500ATTR_OID+'40',
'eduPersonOrgDN': EDUPERSON_OID+'3',
'authorityRevocationList': X500ATTR_OID+'38',
'displayName': NETSCAPE_LDAP+'241',
'businessCategory': X500ATTR_OID+'15',
'serialNumber': X500ATTR_OID+'5',
'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7',
'st': X500ATTR_OID+'8',
'carLicense': NETSCAPE_LDAP+'1',
'presentationAddress': X500ATTR_OID+'29',
'sn': X500ATTR_OID+'4',
'domainComponent': UCL_DIR_PILOT+'25',
'labeledURI': UMICH+'57',
'uid': UCL_DIR_PILOT+'1',
'schacMotherTongue':SCHAC+'1',
'schacGender': SCHAC+'2',
'schacDateOfBirth':SCHAC+'3',
'schacPlaceOfBirth': SCHAC+'4',
'schacCountryOfCitizenship':SCHAC+'5',
'schacSn1': SCHAC+'6',
'schacSn2': SCHAC+'7',
'schacPersonalTitle':SCHAC+'8',
'schacHomeOrganization': SCHAC+'9',
'schacHomeOrganizationType': SCHAC+'10',
'schacCountryOfResidence': SCHAC+'11',
'schacUserPresenceID': SCHAC+'12',
'schacPersonalPosition': SCHAC+'13',
'schacPersonalUniqueCode': SCHAC+'14',
'schacPersonalUniqueID': SCHAC+'15',
'schacExpiryDate': SCHAC+'17',
'schacUserPrivateAttribute': SCHAC+'18',
'schacUserStatus': SCHAC+'19',
'schacProjectMembership': SCHAC+'20',
'schacProjectSpecificRole': SCHAC+'21',
}
}

190
pinaxcon/saml2/attribute-maps/shibboleth_uri.py Normal file
View file

@ -0,0 +1,190 @@
EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1."
X500ATTR = "urn:oid:2.5.4."
NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1."
NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1."
UCL_DIR_PILOT = "urn:oid:0.9.2342.19200300.100.1."
PKCS_9 = "urn:oid:1.2.840.113549.1.9."
UMICH = "urn:oid:1.3.6.1.4.1.250.1.57."
MAP = {
"identifier": "urn:mace:shibboleth:1.0:attributeNamespace:uri",
"fro": {
EDUPERSON_OID+'2': 'eduPersonNickname',
EDUPERSON_OID+'9': 'eduPersonScopedAffiliation',
EDUPERSON_OID+'11': 'eduPersonAssurance',
EDUPERSON_OID+'10': 'eduPersonTargetedID',
EDUPERSON_OID+'4': 'eduPersonOrgUnitDN',
NOREDUPERSON_OID+'6': 'norEduOrgAcronym',
NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier',
NOREDUPERSON_OID+'4': 'norEduPersonLIN',
EDUPERSON_OID+'1': 'eduPersonAffiliation',
NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber',
NETSCAPE_LDAP+'40': 'userSMIMECertificate',
NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber',
NETSCAPE_LDAP+'241': 'displayName',
UCL_DIR_PILOT+'37': 'associatedDomain',
EDUPERSON_OID+'6': 'eduPersonPrincipalName',
NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier',
NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion',
X500ATTR+'53': 'deltaRevocationList',
X500ATTR+'52': 'supportedAlgorithms',
X500ATTR+'51': 'houseIdentifier',
X500ATTR+'50': 'uniqueMember',
X500ATTR+'19': 'physicalDeliveryOfficeName',
X500ATTR+'18': 'postOfficeBox',
X500ATTR+'17': 'postalCode',
X500ATTR+'16': 'postalAddress',
X500ATTR+'15': 'businessCategory',
X500ATTR+'14': 'searchGuide',
EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation',
X500ATTR+'12': 'title',
X500ATTR+'11': 'ou',
X500ATTR+'10': 'o',
X500ATTR+'37': 'cACertificate',
X500ATTR+'36': 'userCertificate',
X500ATTR+'31': 'member',
X500ATTR+'30': 'supportedApplicationContext',
X500ATTR+'33': 'roleOccupant',
X500ATTR+'32': 'owner',
NETSCAPE_LDAP+'1': 'carLicense',
PKCS_9+'1': 'email',
NETSCAPE_LDAP+'3': 'employeeNumber',
NETSCAPE_LDAP+'2': 'departmentNumber',
X500ATTR+'39': 'certificateRevocationList',
X500ATTR+'38': 'authorityRevocationList',
NETSCAPE_LDAP+'216': 'userPKCS12',
EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN',
X500ATTR+'9': 'street',
X500ATTR+'8': 'st',
NETSCAPE_LDAP+'39': 'preferredLanguage',
EDUPERSON_OID+'7': 'eduPersonEntitlement',
X500ATTR+'2': 'knowledgeInformation',
X500ATTR+'7': 'l',
X500ATTR+'6': 'c',
X500ATTR+'5': 'serialNumber',
X500ATTR+'4': 'sn',
UCL_DIR_PILOT+'60': 'jpegPhoto',
X500ATTR+'65': 'pseudonym',
NOREDUPERSON_OID+'5': 'norEduPersonNIN',
UCL_DIR_PILOT+'3': 'mail',
UCL_DIR_PILOT+'25': 'dc',
X500ATTR+'40': 'crossCertificatePair',
X500ATTR+'42': 'givenName',
X500ATTR+'43': 'initials',
X500ATTR+'44': 'generationQualifier',
X500ATTR+'45': 'x500UniqueIdentifier',
X500ATTR+'46': 'dnQualifier',
X500ATTR+'47': 'enhancedSearchGuide',
X500ATTR+'48': 'protocolInformation',
X500ATTR+'54': 'dmdName',
NETSCAPE_LDAP+'4': 'employeeType',
X500ATTR+'22': 'teletexTerminalIdentifier',
X500ATTR+'23': 'facsimileTelephoneNumber',
X500ATTR+'20': 'telephoneNumber',
X500ATTR+'21': 'telexNumber',
X500ATTR+'26': 'registeredAddress',
X500ATTR+'27': 'destinationIndicator',
X500ATTR+'24': 'x121Address',
X500ATTR+'25': 'internationaliSDNNumber',
X500ATTR+'28': 'preferredDeliveryMethod',
X500ATTR+'29': 'presentationAddress',
EDUPERSON_OID+'3': 'eduPersonOrgDN',
NOREDUPERSON_OID+'3': 'norEduPersonBirthDate',
},
"to":{
'roleOccupant': X500ATTR+'33',
'gn': X500ATTR+'42',
'norEduPersonNIN': NOREDUPERSON_OID+'5',
'title': X500ATTR+'12',
'facsimileTelephoneNumber': X500ATTR+'23',
'mail': UCL_DIR_PILOT+'3',
'postOfficeBox': X500ATTR+'18',
'fax': X500ATTR+'23',
'telephoneNumber': X500ATTR+'20',
'norEduPersonBirthDate': NOREDUPERSON_OID+'3',
'rfc822Mailbox': UCL_DIR_PILOT+'3',
'dc': UCL_DIR_PILOT+'25',
'countryName': X500ATTR+'6',
'emailAddress': PKCS_9+'1',
'employeeNumber': NETSCAPE_LDAP+'3',
'organizationName': X500ATTR+'10',
'eduPersonAssurance': EDUPERSON_OID+'11',
'norEduOrgAcronym': NOREDUPERSON_OID+'6',
'registeredAddress': X500ATTR+'26',
'physicalDeliveryOfficeName': X500ATTR+'19',
'associatedDomain': UCL_DIR_PILOT+'37',
'l': X500ATTR+'7',
'stateOrProvinceName': X500ATTR+'8',
'federationFeideSchemaVersion': NOREDUPERSON_OID+'9',
'pkcs9email': PKCS_9+'1',
'givenName': X500ATTR+'42',
'x500UniqueIdentifier': X500ATTR+'45',
'eduPersonNickname': EDUPERSON_OID+'2',
'houseIdentifier': X500ATTR+'51',
'street': X500ATTR+'9',
'supportedAlgorithms': X500ATTR+'52',
'preferredLanguage': NETSCAPE_LDAP+'39',
'postalAddress': X500ATTR+'16',
'email': PKCS_9+'1',
'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8',
'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8',
'c': X500ATTR+'6',
'teletexTerminalIdentifier': X500ATTR+'22',
'o': X500ATTR+'10',
'cACertificate': X500ATTR+'37',
'telexNumber': X500ATTR+'21',
'ou': X500ATTR+'11',
'initials': X500ATTR+'43',
'eduPersonOrgUnitDN': EDUPERSON_OID+'4',
'deltaRevocationList': X500ATTR+'53',
'norEduPersonLIN': NOREDUPERSON_OID+'4',
'supportedApplicationContext': X500ATTR+'30',
'eduPersonEntitlement': EDUPERSON_OID+'7',
'generationQualifier': X500ATTR+'44',
'eduPersonAffiliation': EDUPERSON_OID+'1',
'eduPersonPrincipalName': EDUPERSON_OID+'6',
'localityName': X500ATTR+'7',
'owner': X500ATTR+'32',
'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2',
'searchGuide': X500ATTR+'14',
'certificateRevocationList': X500ATTR+'39',
'organizationalUnitName': X500ATTR+'11',
'userCertificate': X500ATTR+'36',
'preferredDeliveryMethod': X500ATTR+'28',
'internationaliSDNNumber': X500ATTR+'25',
'uniqueMember': X500ATTR+'50',
'departmentNumber': NETSCAPE_LDAP+'2',
'enhancedSearchGuide': X500ATTR+'47',
'userPKCS12': NETSCAPE_LDAP+'216',
'eduPersonTargetedID': EDUPERSON_OID+'10',
'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1',
'x121Address': X500ATTR+'24',
'destinationIndicator': X500ATTR+'27',
'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5',
'surname': X500ATTR+'4',
'jpegPhoto': UCL_DIR_PILOT+'60',
'eduPersonScopedAffiliation': EDUPERSON_OID+'9',
'protocolInformation': X500ATTR+'48',
'knowledgeInformation': X500ATTR+'2',
'employeeType': NETSCAPE_LDAP+'4',
'userSMIMECertificate': NETSCAPE_LDAP+'40',
'member': X500ATTR+'31',
'streetAddress': X500ATTR+'9',
'dmdName': X500ATTR+'54',
'postalCode': X500ATTR+'17',
'pseudonym': X500ATTR+'65',
'dnQualifier': X500ATTR+'46',
'crossCertificatePair': X500ATTR+'40',
'eduPersonOrgDN': EDUPERSON_OID+'3',
'authorityRevocationList': X500ATTR+'38',
'displayName': NETSCAPE_LDAP+'241',
'businessCategory': X500ATTR+'15',
'serialNumber': X500ATTR+'5',
'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7',
'st': X500ATTR+'8',
'carLicense': NETSCAPE_LDAP+'1',
'presentationAddress': X500ATTR+'29',
'sn': X500ATTR+'4',
'domainComponent': UCL_DIR_PILOT+'25',
}
}

61
pinaxcon/settings.py
View file

@ -1,4 +1,6 @@
import os
import saml2
import saml2.saml
from django.utils.crypto import get_random_string
@ -104,6 +106,8 @@ INSTALLED_APPS = [
"django.contrib.humanize",
"debug_toolbar",
'djangosaml2',
# theme
"bootstrapform",
"pinax_theme_bootstrap",
@ -223,9 +227,14 @@ EMAIL_BACKEND = "django.core.mail.backends.console.EmailBackend"
THEME_CONTACT_EMAIL = "team@lca2018.org"
AUTHENTICATION_BACKENDS = [
"symposion.teams.backends.TeamPermissionsBackend",
'symposion.teams.backends.TeamPermissionsBackend',
'django.contrib.auth.backends.ModelBackend',
'djangosaml2.backends.Saml2Backend',
]
LOGIN_URL = '/saml2/login/'
SESSION_EXPIRE_AT_BROWSER_CLOSE = True
CONFERENCE_ID = 1
PROPOSAL_FORMS = {
"talk": "pinaxcon.proposals.forms.TalkProposalForm",
@ -269,6 +278,56 @@ NOSE_ARGS = [
'--cover-package=registrasion.controllers,registrasion.models',
]
BASEDIR = os.path.dirname(os.path.abspath(__file__))
BASEDIR = os.path.join(BASEDIR, 'saml2')
SAML_ATTRIBUTE_MAPPING = {
'uid': ('username', ),
'mail': ('email', ),
'givenName': ('first_name', ),
'sn': ('last_name', ),
}
SAML_CONFIG = {
'xmlsec_binary': '/usr/bin/xmlsec1',
'entityid': 'http://example.com/saml2/metadata/',
'attribute_map_dir': os.path.join(BASEDIR, 'attribute-maps'),
'service': {
'sp': {
'name': 'Federated Django sample SP',
'endpoints': {
'assertion_consumer_service': [
'http://example.com/saml2/acs/',
],
'single_logout_service': [
('http://example.com/saml2/ls/',
saml2.BINDING_HTTP_REDIRECT),
('http://example.com/saml2/ls/post',
saml2.BINDING_HTTP_POST),
],
},
'logout_requests_signed': True,
'required_attributes': ['uid', 'mail', 'givenName', 'sn'],
},
},
'metadata': {
'local': [os.path.join(BASEDIR, 'remote_metadata.xml')],
},
'debug': 1,
'key_file': os.path.join(BASEDIR, 'cert.key'),
'cert_file': os.path.join(BASEDIR, 'cert.pem'),
'encryption_keypairs': [{
'key_file': os.path.join(BASEDIR, 'enc.key'),
'cert_file': os.path.join(BASEDIR, 'enc.cert'),
}],
'contact_person': [
{'given_name': os.environ.get("META_GIVEN_NAME", 'Bastard'),
'sur_name': os.environ.get('META_FAM_NAME', 'Operator'),
'company': os.environ.get('META_COMPANY', 'Corp1'),
'email_address': os.environ.get('META_EMAIL', 'op@example.com'),
'contact_type': 'technical'},
],
'valid_for': 1,
}
# Production settings have their own file to override stuff here
try:
LOCAL_SETTINGS

1
pinaxcon/urls.py
View file

@ -9,6 +9,7 @@ import symposion.views
urlpatterns = [
url(r'^saml2/', include('djangosaml2.urls')),
url(r"^admin/", include(admin.site.urls)),
url(r"^dashboard/", symposion.views.dashboard, name="dashboard"),

2
requirements.txt
View file

@ -10,6 +10,8 @@ pylibmc==1.5.1
raven==5.27.0
django-debug-toolbar==1.6
djangosaml2
# database
mysqlclient>=1.3.3